Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e1cc563b-3ad8-4c2f-9f0e-dae5ff843492.roa
File:                     e1cc563b-3ad8-4c2f-9f0e-dae5ff843492.roa (raw, json)
Hash identifier:          kfSo0dSMYgxDZGXEzZJ7OIxAiSKk2JOoJPHpQ6WTTqc=
Subject key identifier:   9A:D6:D6:97:B2:EB:95:6C:B5:B2:BA:30:35:C3:BE:A5:0D:2F:35:BB
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       38970C2E7A78A898027785E6BE55DF4F8D4286DA
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e1cc563b-3ad8-4c2f-9f0e-dae5ff843492.roa
Signing time:             Tue 19 May 2026 02:11:13 +0000
ROA not before:           Tue 19 May 2026 02:11:13 +0000
ROA not after:            Mon 17 Aug 2026 23:59:59 +0000
asID:                     16509
IP address blocks:        52.95.48.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 14 Jun 2026 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:97:0c:2e:7a:78:a8:98:02:77:85:e6:be:55:df:4f:8d:42:86:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 19 02:11:13 2026 GMT
            Not After : Aug 17 23:59:59 2026 GMT
        Subject: serialNumber=34b5c3802b262f1bee73af5b3e3bb97218b1a8456cfceccdb470f6fcfc1e199a, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:e7:4e:b2:52:bc:ed:5b:1b:1c:5d:e6:bb:f4:
                    85:a5:75:94:18:af:20:6c:29:4b:b2:9d:9a:b0:e2:
                    b1:ba:57:95:11:51:96:e7:74:5a:e4:73:80:8d:6e:
                    ef:25:fd:fe:20:39:b7:8d:61:c7:91:e3:87:5f:7a:
                    b0:ad:d5:b9:92:a1:76:00:6e:0f:fe:d4:0a:47:70:
                    6d:ed:f2:63:74:32:08:44:e0:52:26:1e:62:16:82:
                    b1:10:f9:dd:07:f3:2d:62:07:38:ce:94:05:57:cf:
                    e9:6b:17:f4:77:a1:63:a7:7f:d5:af:43:32:83:24:
                    08:48:cb:c4:27:f6:ff:0c:83:c6:ff:b6:fa:3c:d1:
                    ff:6a:bd:94:f4:d8:5f:29:26:f4:74:5e:e5:63:e8:
                    86:40:9f:59:56:d0:2e:17:b5:19:d4:a2:34:79:0c:
                    49:a3:8d:20:45:f9:70:fa:9b:57:48:a3:00:7f:df:
                    02:4f:cb:a6:c3:3d:93:18:c3:76:9b:54:5b:dd:c3:
                    d3:5c:58:a1:12:62:48:da:04:30:79:2a:96:ef:7c:
                    46:cd:9d:78:8b:72:12:78:30:00:19:ea:b3:ed:62:
                    4c:f5:cb:dd:13:90:cb:46:2e:db:c0:f4:c5:68:b5:
                    11:ad:89:7e:7d:d5:15:97:fd:80:f3:f8:f5:8d:c4:
                    20:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:D6:D6:97:B2:EB:95:6C:B5:B2:BA:30:35:C3:BE:A5:0D:2F:35:BB
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e1cc563b-3ad8-4c2f-9f0e-dae5ff843492.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.95.48.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9e:57:dc:07:1d:e7:6f:fe:39:5c:6f:5f:ad:4f:74:c3:99:81:
         00:ec:56:0e:d6:d3:93:10:dc:7c:23:3c:1f:08:9e:1e:56:44:
         35:8b:79:e1:04:35:ea:ea:93:2b:3f:b2:45:6f:fb:1c:a0:d5:
         87:07:33:f1:18:50:66:ae:d2:d7:17:5d:7c:13:36:23:77:9b:
         1e:ab:b0:75:62:de:d3:d1:07:b9:3f:a2:bf:2a:9d:03:15:6d:
         b7:12:c6:3b:8d:e7:26:11:30:69:ac:29:e3:ab:ab:73:2a:64:
         5b:0c:8f:88:b0:b7:18:8b:01:26:0b:1c:3f:2f:8f:36:c2:ee:
         45:ef:42:58:8e:bd:d7:cb:92:3c:b4:df:a1:7a:10:03:a5:e3:
         77:9c:03:fc:a5:6f:c3:19:cd:e0:33:d0:bf:b4:ef:74:00:3d:
         0c:ff:2b:47:32:c5:54:1e:e1:1a:ee:3c:06:a7:42:b2:28:a1:
         9f:c9:d9:2f:1d:ba:7d:fc:7d:5e:5a:e5:fb:a0:b1:09:7c:a0:
         ff:b5:a7:8e:82:4a:e8:fa:95:ec:96:33:da:b1:68:75:28:eb:
         00:65:81:9e:71:84:72:c3:5f:f2:aa:1b:1a:64:6d:01:48:6b:
         a0:a3:8e:db:ad:b3:b5:f2:26:1a:44:e5:0b:b0:d6:33:c0:5c:
         e9:67:7b:6a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUOJcMLnp4qJgCd4XmvlXfT41ChtowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTE5MDIxMTEzWhcNMjYwODE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNGI1YzM4MDJiMjYyZjFiZWU3M2FmNWIzZTNiYjk3MjE4
YjFhODQ1NmNmY2VjY2RiNDcwZjZmY2ZjMWUxOTlhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCR506yUrztWxscXea79IWldZQYryBsKUuynZqw4rG6V5UR
UZbndFrkc4CNbu8l/f4gObeNYceR44dferCt1bmSoXYAbg/+1ApHcG3t8mN0MghE
4FImHmIWgrEQ+d0H8y1iBzjOlAVXz+lrF/R3oWOnf9WvQzKDJAhIy8Qn9v8Mg8b/
tvo80f9qvZT02F8pJvR0XuVj6IZAn1lW0C4XtRnUojR5DEmjjSBF+XD6m1dIowB/
3wJPy6bDPZMYw3abVFvdw9NcWKESYkjaBDB5KpbvfEbNnXiLchJ4MAAZ6rPtYkz1
y90TkMtGLtvA9MVotRGtiX591RWX/YDz+PWNxCBzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUmtbWl7LrlWy1srowNcO+pQ0vNbswHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2UxY2M1NjNiLTNhZDgtNGMyZi05ZjBlLWRhZTVmZjg0MzQ5Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAI0XzAwDQYJKoZIhvcNAQELBQADggEBAJ5X3Acd52/+OVxvX61PdMOZgQDs
Vg7W05MQ3HwjPB8Inh5WRDWLeeEENerqkys/skVv+xyg1YcHM/EYUGau0tcXXXwT
NiN3mx6rsHVi3tPRB7k/or8qnQMVbbcSxjuN5yYRMGmsKeOrq3MqZFsMj4iwtxiL
ASYLHD8vjzbC7kXvQliOvdfLkjy036F6EAOl43ecA/ylb8MZzeAz0L+073QAPQz/
K0cyxVQe4RruPAanQrIooZ/J2S8dun38fV5a5fugsQl8oP+1p46CSuj6leyWM9qx
aHUo6wBlgZ5xhHLDX/KqGxpkbQFIa6Cjjtuts7XyJhpE5Quw1jPAXOlne2o=
-----END CERTIFICATE-----